<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Passport extends CI_Controller {
	function __construct() {
		parent::__construct();
		$this->load->library('session');
	}

	function login() {
		echo 2;
		return;
		if(!$_POST) {
			$data = array();
			$login_error = $this->session->userdata('login_error');
			if($login_error) {
				$data['login_error'] = $this->session->userdata('login_error');
				$this->session->unset_userdata('login_error');
			}
			$data['uname'] = $this->session->userdata('uname');
			$this->session->unset_userdata('uname');
			$this->load->view('passport/login', $data);
			return;
		}

		$uname = $this->input->post('uname');
		$password = $this->input->post('password');
		$verifyCode = $this->input->post('verifycode');

		// 验证码
		$captcha = $this->session->userdata('captcha');
		$this->session->unset_userdata('captcha');
		if(strtoupper($verifyCode) != strtoupper($captcha)) {
			$this->session->set_userdata('login_error', '验证码错误');
			redirect('/passport/login');
			return;
		}

		//登陆验证
		$this->load->model('desktop/admin_user_model' , 'model');
		$user = $this->model->validate($uname , $password);
		if($user) {
			$data = array();
			$data['userId'] = $user['userId'];
			$data['username'] = $user['username'];
			$data['mobile'] = $user['mobile'];
			$data['super'] = $user['super'];
			$data['isLogin'] = true;
			$ret = $this->_isAllowIp();
			if( ! ($user['super'] == 'true' ||  $this->_isAllowIp())){
				//跳转到发送手机验证码页面
				$data['isLogin'] = false;
				$this->session->set_userdata('user', $data);
				$this->load->view('passport/mobile_validate', array('mobile'=>$user['mobile']));
				return;
			}
			$this->session->set_userdata('user', $data);
			$this->model->updateLoginTime($user['userId']);
			$this->_AddLoginAudit($user['userId'], $user['username']);
			redirect('/');
		} else {
			$this->session->set_userdata('uname', $uname);
			$this->session->set_userdata('login_error', '用户验证失败');
		}
		redirect('/passport/login');
	}

	function logout() {
		$this->session->unset_userdata('user');
		redirect('/passport/login');
	}

	function verify() {
		if(!$_POST) {
			$this->load->view('passport/verify');
			return;
		}
	}

	function gen_vcode(){
		try{
			$this->session->unset_userdata('captcha');
			$this->load->library('PhpCaptcha');
			$this->phpcaptcha->SetWidth(120);
			$this->phpcaptcha->SetHeight(30);
			$this->phpcaptcha->SetNumChars(4);
			$code = $this->phpcaptcha->Create();
			if(!$code) {
				log_message('error', 'Passport::gen_vcode|ERROR|empty code:' . $code);
				return;
			}
			// save to session
			$this->session->set_userdata('captcha', $code);

		}catch(Exception $e){
			log_message('error', 'Passport::gen_vcode|ERROR|' . $e);
		}
		return;
	}
	
	/**
	 *判断ip是否在白名单
	 */
	function _isAllowIp(){
		$allowIps = array('113.116.206.3' , '183.13.81.66' , '172.16.13.0');
		$ip = $this->input->ip_address();
		foreach($allowIps as $allowIp){
			if($this->_ismatch($ip , $allowIp)){
				return true;
			}
		}
		return false;
	}
	
	function _ismatch($ip , $allowIp){
		if($ip == $allowIp){
			return true;
		}
		$aiparr = explode('.' , $allowIp);
		$iparr = explode( '.' , $ip);
		foreach($aiparr as $idx=>$v){
			if($v != 0 && $v != $iparr[$idx]){
				return false;
			}
		}
		return true;
	}
	
	/**
	 *生成随机数并发送短信
	 */
	function sendVcode(){
		$user =  $this->session->userdata('user');
		if( ! empty($user)){
			$vcodetime = $this->session->userdata('vcodetime');
			if($vcodetime){
				$now = mktime();
				if($now - $vcodetime < 30){
					echo 'false';
					return;
				}
			}
			$this->session->set_userdata('vcodetime' , mktime());
			$mobile = $user['mobile'];
			$vcode = mt_rand(1001,9999);
			$this->load->library('SMSProxy' , 'smsproxy');
			$msg = '管理系统登录验证码：'.$vcode;
			$ret = $this->smsproxy->sendSMS($mobile , $msg, 'sendVcode');
			$this->session->set_userdata('vcode', array($user['username'] => $vcode));
			if($ret === 0){
				echo 'true';
			}else{
				echo 'false';
			}
		}
	}
	
	/**
	 *验证code
	 */
	function validateCode(){
		$vcode = trim($this->input->post('vcode'));
		
		$user =  $this->session->userdata('user');
		if(empty($user)){
			redirect('/passport/login');
			return;
		}
		$sscode = $this->session->userdata('vcode');
		$this->session->unset_userdata('vcode');
		
		if($vcode == $sscode[$user['username']] && $sscode[$user['username']] != '' && $vcode != '' ){
			//设置cookie有效时间
			//$this->config->set_item('sess_expire_on_close', true);
			$user['isLogin'] = true;
			$this->session->set_userdata('user', $user);
			redirect('/');
		}else{
			$this->load->view('passport/mobile_validate', array('mobile'=>$user['mobile'], 'error_msg'=>'验证失败，请重新发送验证码'));
		}
	}
	
	/*
	 * 记录审计信息
	 */
	function _AddLoginAudit($userId, $userName){
		$data = array(
  			'module'=>'login',
  			'context'=>$userId,
  			'oper_user_type'=>'OPERATOR',
  			'oper_user_id'=>$userId,
  			'oper_user_name'=>$userName,
  			'oper_desc'=>'用户：' . $userName . '，登陆',
  			'memo'=>'',
  			'ctime'=>date('Y-m-d H:i:s'),
  			'addon'=>''
		);
		$this->load->model('admin_audits_model');
		$this->admin_audits_model->insert($data);
	}
}

/* End of file password.php */
/* Location: ./application/controllers/password.php */
